Kaspersky Industrial CyberSecurity for Networks saves data on its operation in logs. Depending on the type of log, the application saves data in the Server database or in files in local folders on the node of the Server or sensor.
Logs saved in the Server database
The application saves the following logs in the Server database:
For each log, you can set the size limit for storing records in the log storage settings.
The program monitors logging. If the occupied space of the audit log or message log of the program approaches the specified limit, the program displays a notification in the web interface menu. The notification is displayed in an open connection session of a user with the Administrator role.
To prevent the loss of important information in your logs due to automatic deletion of old entries, you can export the entries to a file. The program also allows you to configure automatic transfer of data from logs to third-party systems through connectors.
Logs saved in files
Information about application processes is saved as files in local folders. Process log files may contain the following information:
Information about processes is stored according to the defined logging levels for processes.
You can use a text editor to view files containing process logs. Root privileges in the operating system are required for providing access to logs.
Files containing process logs are stored in non-encrypted form. You are advised to ensure protection against unauthorized access to information.
Page top